Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-dyn-reg-management-13.txt
Justin Richer <jricher@mit.edu> Mon, 06 April 2015 20:12 UTC
Return-Path: <jricher@mit.edu>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9AD6F1A911E for <oauth@ietfa.amsl.com>; Mon, 6 Apr 2015 13:12:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.211
X-Spam-Level:
X-Spam-Status: No, score=-4.211 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pyD9qN-QkT23 for <oauth@ietfa.amsl.com>; Mon, 6 Apr 2015 13:12:38 -0700 (PDT)
Received: from dmz-mailsec-scanner-6.mit.edu (dmz-mailsec-scanner-6.mit.edu [18.7.68.35]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5734B1A90FD for <oauth@ietf.org>; Mon, 6 Apr 2015 13:12:38 -0700 (PDT)
X-AuditID: 12074423-f79536d000000e74-01-5522e8b5d053
Received: from mailhub-auth-1.mit.edu ( [18.9.21.35]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-6.mit.edu (Symantec Messaging Gateway) with SMTP id 9A.EF.03700.5B8E2255; Mon, 6 Apr 2015 16:12:37 -0400 (EDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) by mailhub-auth-1.mit.edu (8.13.8/8.9.2) with ESMTP id t36KCaVw007596 for <oauth@ietf.org>; Mon, 6 Apr 2015 16:12:37 -0400
Received: from [10.66.204.91] ([64.236.138.4]) (authenticated bits=0) (User authenticated as jricher@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id t36KCY5B030927 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for <oauth@ietf.org>; Mon, 6 Apr 2015 16:12:36 -0400
Content-Type: multipart/signed; boundary="Apple-Mail=_D6FC85EA-ECB2-4768-95E6-49DEB4BF10A4"; protocol="application/pgp-signature"; micalg="pgp-sha256"
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2070.6\))
X-Pgp-Agent: GPGMail 2.5b6
From: Justin Richer <jricher@mit.edu>
In-Reply-To: <20150406200616.30684.28620.idtracker@ietfa.amsl.com>
Date: Mon, 06 Apr 2015 13:12:34 -0700
Message-Id: <CFEB13B7-12E7-4300-974D-C21CBFC951C9@mit.edu>
References: <20150406200616.30684.28620.idtracker@ietfa.amsl.com>
To: "<oauth@ietf.org>" <oauth@ietf.org>
X-Mailer: Apple Mail (2.2070.6)
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFlrNKsWRmVeSWpSXmKPExsUixCmqrLv1hVKowa2NQhYn375ic2D0WLLk J1MAYxSXTUpqTmZZapG+XQJXxqQpB5gLJktWbP97k6WB8bxIFyMnh4SAicSLxX2MELaYxIV7 69m6GLk4hAQWM0ksuN/GBOEcZZTYt6uHHaRKSGA/k0TzxQqQBLPAFEaJGycPM4MkeAUMJOae +sIEYgsL+ElsePoLaqyURNPrY2A2m4CqxPQ1LWA1nAJOEq+WPAQbyiKgIvFyzxxGiDlWEkvm b2OGWOYosfftdbC4iIC6xJrzP4F6OYBmykv0bEqfwCgwC9kZs5CcAWIzC2hLLFv4mhnC1pTY 372cBcKWl9j+dg5U3FJi8cwbUHFbiVt9C6B67SQeTVvEuoCRYxWjbEpulW5uYmZOcWqybnFy Yl5eapGumV5uZoleakrpJkZQPLC7KO9g/HNQ6RCjAAejEg/vhFuKoUKsiWXFlbmHGCU5mJRE eVufKYUK8SXlp1RmJBZnxBeV5qQWH2JUAdr1aMPqC4xSLHn5ealKIrx5d4DqeFMSK6tSi/Jh yqQ5WJTEeTf94AsREkhPLEnNTk0tSC2CycpwcChJ8Io/B2oULEpNT61Iy8wpQUgzcXAeYpTg 4AEafgCkhre4IDG3ODMdIn+KUVFKnDcIJCEAksgozYPrhaWxV4ziQG8J864GqeIBpkC47ldA g5mABvM/AxtckoiQkmpgnJx3rib+Kfu9z8ote10mRx77mM7ysmovW3K/7I686p6D7azhFvdr 3+zbXMyt/mTyqy9pa63dp57zt4gp2z0nL0tmuZ9RpVp8ic7Pqqu2ukKms/fseuo312H1ct5D fyJurqzaZxSddS//YNNWV9v4hw5/rdJ+CJa23q9MX8hzY3HNYoXZUU71SizFGYmGWsxFxYkA Ing6eD4DAAA=
Archived-At: <http://mailarchive.ietf.org/arch/msg/oauth/HT3Ygp_iaTOBpkeKEHhCgyrRfbU>
Subject: Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-dyn-reg-management-13.txt
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Apr 2015 20:12:40 -0000
This version of the management spec includes the changed language to the security considerations section discussed on the list after IETF92, changing the recommendation for rate-limiting for one of minimum token entropy to prevent token guessing attacks against the registration access token. Please review the diffs and comment on the list here if anything needs to be tweaked. — Justin > On Apr 6, 2015, at 1:06 PM, <internet-drafts@ietf.org> <internet-drafts@ietf.org> wrote: > > > A New Internet-Draft is available from the on-line Internet-Drafts directories. > This draft is a work item of the Web Authorization Protocol Working Group of the IETF. > > Title : OAuth 2.0 Dynamic Client Registration Management Protocol > Authors : Justin Richer > Michael B. Jones > John Bradley > Maciej Machulak > Filename : draft-ietf-oauth-dyn-reg-management-13.txt > Pages : 18 > Date : 2015-04-06 > > Abstract: > This specification defines methods for management of dynamic OAuth > 2.0 client registrations for use cases in which the properties of a > registered client may need to be changed during the lifetime of the > client. Not all authorization servers supporting dynamic client > registration will support these management methods. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-oauth-dyn-reg-management/ > > There's also a htmlized version available at: > http://tools.ietf.org/html/draft-ietf-oauth-dyn-reg-management-13 > > A diff from the previous version is available at: > http://www.ietf.org/rfcdiff?url2=draft-ietf-oauth-dyn-reg-management-13 > > > Please note that it may take a couple of minutes from the time of submission > until the htmlized version and diff are available at tools.ietf.org. > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth
- [OAUTH-WG] I-D Action: draft-ietf-oauth-dyn-reg-m… internet-drafts
- Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-dyn-r… Justin Richer